Re: [PATCH v16 8/8] x86/smpboot: Allow parallel bringup for SEV-ES
From: Borislav Petkov
Date: Mon Mar 27 2023 - 13:48:11 EST
On Thu, Mar 23, 2023 at 10:23:02AM -0400, Brian Gerst wrote:
> Making sure that the stack protector is either disabled or properly
> set up, and disabling any instrumentation/profiling/debug crap that
> isn't initialized yet.
Lemme dump brain of what Tom and I were talking about today so that it
is documented somewhere.
* re: stack protector: I was thinking to mark this function
__attribute__((no_stack_protector))
but gcc added the function attribute way later:
~/src/gcc/gcc.git> git tag --contains 346b302d09c1e6db56d9fe69048acb32fbb97845
basepoints/gcc-12
basepoints/gcc-13
releases/gcc-11.1.0
releases/gcc-11.2.0
releases/gcc-11.3.0
releases/gcc-12.1.0
releases/gcc-12.2.0
which means, that function would have to live somewhere in a file which
has stack protector disabled. One possible place would be
arch/x86/mm/mem_encrypt_identity.c which is kinda related.
* re: stack: in order to be able to call a C function that early, we'd
have to put the VA of the initial stack back into %rsp as we switch
pagetables a bit earlier in there (thx Tom).
So by then, doing all that cargo-cult just in order to not have a bunch
of lines in asm doesn't sound all that great anymore.
* The __head per-function attribute is easily solved by lifting the
__head define into a common header.
So meh, dunno. I guess we can do the asm thing for now, until a cleaner
solution without too many warts presents itself.
As to exporting cc_vendor:
https://lore.kernel.org/r/20230318115634.9392-1-bp@xxxxxxxxx
I'll redo those and the SEV-ES patch won't have to add cc_get_vendor().
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette